This is an automated email from the ASF dual-hosted git repository. pradeep pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ranger.git
commit db9f9a488e99092b9c0dba125dcb5e5efa2ad9a6 Author: pradeep <prad...@apache.org> AuthorDate: Wed Sep 22 16:17:52 2021 +0530 RANGER-3439: REST api to get or delete ranger policy based on guid and service name --- .../java/org/apache/ranger/biz/ServiceDBStore.java | 11 ++++ .../java/org/apache/ranger/db/XXPolicyDao.java | 12 ++++ .../java/org/apache/ranger/rest/PublicAPIsv2.java | 14 +++++ .../java/org/apache/ranger/rest/ServiceREST.java | 64 ++++++++++++++++++++++ .../main/resources/META-INF/jpa_named_queries.xml | 4 ++ 5 files changed, 105 insertions(+) diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java index 3cd289c..f13cef7 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java @@ -2298,6 +2298,17 @@ public class ServiceDBStore extends AbstractServiceStore { return policyService.read(id); } + public RangerPolicy getPolicy(String guid, String serviceName) throws Exception { + RangerPolicy ret = null; + if (StringUtils.isNotBlank(guid) && StringUtils.isNotBlank(serviceName)) { + XXPolicy xPolicy = daoMgr.getXXPolicy().findByPolicyGUIDAndServiceName(guid, serviceName); + if (xPolicy != null) { + ret = policyService.getPopulatedViewObject(xPolicy); + } + } + return ret; + } + @Override public List<RangerPolicy> getPolicies(SearchFilter filter) throws Exception { if(LOG.isDebugEnabled()) { diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java index 8659267..41ca8b2 100644 --- a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java +++ b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java @@ -284,4 +284,16 @@ public class XXPolicyDao extends BaseDao<XXPolicy> { } return ret; } + + public XXPolicy findByPolicyGUIDAndServiceName(String guid, String serviceName) { + if (guid == null || serviceName == null) { + return null; + } + try { + XXPolicy xPol = getEntityManager().createNamedQuery("XXPolicy.findByGUIDAndServiceName", tClass).setParameter("guid", guid).setParameter("serviceName", serviceName).getSingleResult(); + return xPol; + } catch (NoResultException e) { + return null; + } + } } \ No newline at end of file diff --git a/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java b/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java index ab2f54a..6ab3d52 100644 --- a/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java +++ b/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java @@ -410,6 +410,13 @@ public class PublicAPIsv2 { return serviceREST.getPoliciesForResource(serviceDefName, serviceName, request); } + @GET + @Path("/api/policy/guid/{guid}") + @Produces({ "application/json", "application/xml" }) + public RangerPolicy getPolicyByGUIDAndServiceName(@PathParam("guid") String guid, @DefaultValue("") @QueryParam("serviceName") String serviceName) { + return serviceREST.getPolicyByGUIDAndServiceName(guid, serviceName); + } + @POST @Path("/api/policy/") @Produces({ "application/json", "application/xml" }) @@ -506,6 +513,13 @@ public class PublicAPIsv2 { } } + @DELETE + @Path("/api/policy/guid/{guid}") + @Produces({ "application/json", "application/xml" }) + public void deletePolicyByGUIDAndServiceName(@PathParam("guid") String guid, @DefaultValue("") @QueryParam("serviceName") String serviceName) { + serviceREST.deletePolicyByGUIDAndServiceName(guid, serviceName); + } + @GET @Path("/api/plugins/info") public List<RangerPluginInfo> getPluginsInfo(@Context HttpServletRequest request) { diff --git a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java index f0bf64e7..01e952a 100644 --- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java +++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java @@ -3759,6 +3759,70 @@ public class ServiceREST { return new ResponseEntity<>(deletedServices, responseStatus); } + @GET + @Path("/policies/guid/{guid}") + @Produces({ "application/json", "application/xml" }) + public RangerPolicy getPolicyByGUIDAndServiceName(@PathParam("guid") String guid, @DefaultValue("") @QueryParam("serviceName") String serviceName) { + if (LOG.isDebugEnabled()) { + LOG.debug("==> ServiceREST.getPolicyByGUIDAndServiceName(" + guid + ", " + serviceName + ")"); + } + RangerPolicy ret = null; + RangerPerfTracer perf = null; + try { + if (RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) { + perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.getPolicyByGUIDAndServiceName(policyGUID=" + guid + ", serviceName="+ serviceName + ")"); + } + ret = svcStore.getPolicy(guid, serviceName); + if (ret != null) { + ensureAdminAndAuditAccess(ret); + } + } catch (WebApplicationException excp) { + throw excp; + } catch (Throwable excp) { + LOG.error("getPolicyByGUIDAndServiceName(" + guid + "," + serviceName + ") failed", excp); + throw restErrorUtil.createRESTException(excp.getMessage()); + } finally { + RangerPerfTracer.log(perf); + } + if (ret == null) { + throw restErrorUtil.createRESTException(HttpServletResponse.SC_NOT_FOUND, "Not found", true); + } + if (LOG.isDebugEnabled()) { + LOG.debug("<== ServiceREST.getPolicyByGUIDAndServiceName(" + guid + ", " + serviceName + "): " + ret); + } + return ret; + } + + @DELETE + @Path("/policies/guid/{guid}") + @Produces({ "application/json", "application/xml" }) + public void deletePolicyByGUIDAndServiceName(@PathParam("guid") String guid, @DefaultValue("") @QueryParam("serviceName") String serviceName) { + if (LOG.isDebugEnabled()) { + LOG.debug("==> ServiceREST.deletePolicyByGUIDAndServiceName(" + guid + ", " + serviceName + ")"); + } + RangerPolicy ret = null; + RangerPerfTracer perf = null; + try { + if (RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) { + perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.deletePolicyByGUIDAndServiceName(policyGUID=" + guid + ", serviceName="+ serviceName + ")"); + } + ret = getPolicyByGUIDAndServiceName(guid, serviceName); + if (ret != null) { + deletePolicy(ret.getId()); + } + } catch (WebApplicationException excp) { + throw excp; + } catch (Throwable excp) { + LOG.error("deletePolicyByGUIDAndServiceName(" + guid + "," + serviceName + ") failed", excp); + throw restErrorUtil.createRESTException(excp.getMessage()); + } finally { + RangerPerfTracer.log(perf); + } + if (LOG.isDebugEnabled()) { + LOG.debug("<== ServiceREST.deletePolicyByGUIDAndServiceName(" + guid + ", " + serviceName + ")"); + } + } + private HashMap<String, Object> getCSRFPropertiesMap(HttpServletRequest request) { HashMap<String, Object> map = new HashMap<String, Object>(); map.put(isCSRF_ENABLED, PropertiesUtil.getBooleanProperty(isCSRF_ENABLED, true)); diff --git a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml index ab2d9cd..96dc0df 100755 --- a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml +++ b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml @@ -371,6 +371,10 @@ <query>select obj from XXPolicy obj where obj.id in (select item.policyId from XXPolicyItem item) </query> </named-query> + <named-query name="XXPolicy.findByGUIDAndServiceName"> + <query>select obj from XXPolicy obj, XXService svc where obj.guid = :guid and obj.service = svc.id and svc.name = :serviceName</query> + </named-query> + <!-- XXServiceDef --> <named-query name="XXServiceDef.findByName"> <query>select obj from XXServiceDef obj where obj.name = :name</query>